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In the claims: 

1 . In a design zone system with means for starting a VPN tunnel between 
workstations to establish a secure encrypted tunnel end to end wherein each partner is 
identified with a different VPN group/password; means for starting a session by the 
partner in a Web page on a portal machine that authenticates thru LDAP the 
user/password of the person; means for routing the session to an engagement box 
depending on the person where the engagement boxes are on network segments 
separated by firewall boxes with another logon/password and is validated thru second 
LDAP and wherein all users of the same partner are all launching on the same box ; 
and means for accessing data and applications from that engagement box on Network 
File system storage authenticated LDAP to get benefit of a big compute farm 
composed of many high-end servers in a very secure way, a method of providing 
highly secure access to EDA licenses from servers of an owner inside an Intranet of 
said owner without a security risk comprising the steps of: 
providing a license proxy server in said design zone; and 
application hosts inside said design zone contacting the license proxy server 
which in turn fetches the licenses from said Intranet. 



2. In a system of enabling collaboration by owners of a collaborative network with 
partners such as sub-contractors, customers and/or Electronic Design Automation (EDA) 
vendors without compromising Intellectual Property by providing by the owner a highly 
secure common resource computing environment or design zone with services on the 
common resource or design zone being protected by multiple layers of security to 
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engagement boxes of the partners where the partners can work simultaneously, run 
simulation tests, emulate software problems and share in a secure zone with just the 
remote display going back to the engagement box of the partner and therefore to the 
partner outside the owner, a method to provide access to EDA licenses managed by a 
manager running on license servers inside an owner's Intranet comprising the steps of : 
providing a license proxy in the design zone that will act as a relay agent and routing all 
the connections from design zone into the owner's Intranet. 

3 . In a method while executing outsourcing projects in a secure design zone a method to 
provide access to EDA licenses managed by software daemon manager running on 
license servers inside an Intranet separated from the design zone by a firewall without 
opening all TCP inbound connections inside the Intranet for ports greater than 1023 from 
all the hosts in contractor or design zone on which EDA applications are run comprising 
the steps of : 

providing a license proxy server inside the design zone, 

application hosts in the design zone contacting the license proxy server, and 

said license proxy server fetching licenses from the Intranet so that only the required 

ports for the licensed proxy server are opened in the design zone. 

4. In a system for executing outsourcing projects in a secure contractor or design zone a 

means to provide access to EDA licenses managed by software daemon manager running 

on license servers inside an Intranet separated from the design zone by a firewall without 

opening all TCP inbound connections inside the Intranet for ports greater than 1023 from 

all the hosts in the design zone on which applications are run comprising: 

a license proxy server inside the design zone, 
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application hosts in the design zone contacting the license proxy server, and 

said license proxy server fetching from the Intranet so that only the required ports for the 

license proxy server are opened in the design zone. 

5. In a system for executing outsourcing projects in a secure contractor or design zone, a 
method to provide access to servers inside an Intranet separated from the design zone by 
a firewall without opening all TCP inbound connections inside the Intranet for ports 
greater than 1023 from all the hosts in contractor or design zone on which EDA 
applications are run comprising the steps of : 

providing a license proxy server inside the design zone, 

providing application hosts in the design zone contacting the license proxy server, and 
said proxy server fetching licenses from the Intranet so that only the required ports for the 
proxy server are opened in the design zone, 

6. A system for enabling collaboration by an owner of a collaborative network with 
partners such as sub-contractors, customers and/or Electronic Design Automation (EDA) 
vendors without compromising Intellectual Property comprising: 

a highly secure common resource design zone with services wherein data input and 
output remains on the secure common resource design zone; 

means for providing security to separate engagement boxes for each partner in said 
secure common resource design zone where the partners can work simultaneously, run 
simulation tests, emulate software problems or share in said secure common resource 
computing zone with just the remote display is going back to the engagement box of the 
partner and therefore to the partner outside the owner; 
a proxy server inside the secure common resource design zone, 
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application hosts in the secure common resource design zone contacting the proxy server, 
and 

said proxy server fetching from the Intranet so that only the required ports for the proxy 
server are opened in the secure common resource design zone. 

7. The system of Claim 6 wherein said proxy server is a license proxy server. 

8. The system of Claim 7 wherein said means for providing security to separate 
engagement boxes includes means for providing a VPN tunnel between workstations to 
establish a secure encrypted tunnel end to end wherein each partner is identified with a 
different VPN group/password; 

means for starting a session by the partner in a Web page on a portal machine that 
authenticates thru LDAP the user/password of the person; 

means for routing the session to an engagement box depending on the person where the 
engagement boxes are on network segments separated by firewall boxes with another 
logon/password and is validated thru second LDAP and wherein all users of the same 
partner are all launching on the same box; and 

means for accessing data and applications from that engagement box on Network File 
system storage authenticated LDAP to get benefit of a big compute farm composed of 
many high-end servers in a very secure way. 

9. The system of Claim 8 including a backend segment that includes an owner's Intranet 
access through a firewall to an owner's Intranet. 

10. The system of Claim 9 including an access box for management of all critical boxes 
in said secure design zone. 
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